Following security debacle, Microsoft to get outside audit of Hotmail

(IDG) -- Microsoft's Hotmail is getting audited. An outside firm will test the security of the free e-mail service following its recent security breach, a Microsoft spokesman says.

Microsoft is taking the action at the suggestion of Truste, a nonprofit group that monitors privacy issues on the Internet. Truste received three or four anonymous complaints on its Web site and called Microsoft to recommend an outside audit, Truste spokesman Dave Steer says.

"We think that they actually responded to the incident appropriately," Steer says. "But there was enough skepticism being pointed out in the media" that Truste thought it would be to Microsoft's advantage to have an outside audit validate its Hotmail fix and restore confidence in the service.

"We have to feel confident that their fix was not only appropriate, but worked," Steer says.

The audit shows that Microsoft takes privacy issues seriously, Microsoft spokesman Tom Pilla says. Findings from the audit are expected within the next several weeks.

The Hotmail breach exposed the accounts of approximately 40 million users by allowing anyone to type in a user name and fake password or no password and access a user's account. It was revealed after a Swedish Web site administrator included a link on his site to a Hotmail logon page that enabled the access. Microsoft fixed the hack later in the day.